1. Prerequisite
- MFA authentication (MFA) is required for accessing the HKUVPN service.
- Only the Microsoft Authenticator App or SMS (Phone Text) are supported as sign-in methods for logging into the HKUVPN service. The phone call method is NOT compatible with HKU VPN. Please refer to the appendix for instructions on changing your default sign-in method to a supported option.
- Please uninstall any earlier version of Cisco Anyconnect VPN or Cisco Secure Client from your PC before you start the following installation.
2. Configuration Procedures (to be done once only)
- Download the VPN client for Windows from here.
- Click Next.
- Select I accept the terms in the License Agreement and click Next.
- Click Install.
- In User Account Control window, click Yes to allow the installation of VPN client. The following steps are illustrated using Windows 11.
- Click Finish to complete the setup.
3. Connection Procedures
- Locate the Cisco Secure Client program from your Start Menu. You can also use Search to find it.
- Enter “vpn2fa.hku.hk” and click Connect.
- Enter your HKU email address (UID@hku.hk or UID@connect.hku.hk) and PIN in the Username and Password fields respectively and click OK
- (i) For users who choose Microsoft Authenticator App as the default sign-in method (The most common method):
- Open the Microsoft Authenticator app on your mobile device.
- Retrieve the One-time password (OTP).
(ii) For users who choose SMS (Phone Text) as the default sign-in method:
- You will receive an SMS containing the One-time password (OTP) on your registered phone number.
- The OTP is valid for 3 minutes from the time it is sent. Retrieve the OTP from the SMS.
- Enter the 6-digitOne Time Password (OTP) in the Answer box and click Continue.
- After successful connection, a VPN Logo with padlock will appear in the system tray.
- Click the VPN icon in the system tray and click Disconnect button to disconnect from HKUVPN Server.
Appendix: (Optional Step) Updating the Default Sign-in Method in MFA
- Visit your Microsoft 365 account settings at https://myaccount.microsoft.com/
- Sign in using your HKU credentials.
- Go to the “Security info” section.
- Set “App-based authentication – Notification” as your default sign-in method under the section titled “You’re using the most advisable sign-in method where it applies.”